Road to GDPR compliance: developments in Greece

In one month the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter as GDPR) comes into force and Greek stakeholders have launched measures for compliance therewith. The Greek Data Protection Authority has issued announcements on GDPR implementation, such as on Data Protection Officers and their main role, their main duties and responsibilities, the respective certification requirements and professional skills thereof. Additionally, several seminars, symposia and workshops have been organized for purposes of raising public awareness of the GDPR.

With regard to state initiatives on GDPR compliance the Ministry of Justice submitted for public consultation a draft law, which contains provisions both for GDPR implementation and the adoption of the Directive (EU) 2016/280 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA.

The public consultation lasted from 20.2.2018 until 2.3.2018, and the draft law is shortly expected to be submitted to the Greek parliament for its adoption. In addition, further guidelines on GDPR implementation are expected to be published by the Data Protection Authority.